Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
cheers L.
------ "Mission Statement: To provide hope and inspiration for collective action, to build collective power, to achieve collective transformation, rooted in grief and rage but pointed towards vision and dreams."
- Patrisse Cullors, *Black Lives Matter founder*
On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Sorry, I agree our roadmap is not entirely clear.
1.15.3 will be released during June, most fixes planned for that release are either in or being reviewed.
1.16 will probably be released during F-27 development phase.
On 31.05.2017 10:53, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Sorry, I agree our roadmap is not entirely clear.
1.15.3 will be released during June, most fixes planned for that release are either in or being reviewed.
Freeipa 4.5.2 depends on a feature not available in 1.15.2, which feels a bit backwards as it's a point-release which I think should not depend on a not-yet-released features..
On Tue, Jul 04, 2017 at 12:38:46AM +0300, Timo Aaltonen wrote:
On 31.05.2017 10:53, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Sorry, I agree our roadmap is not entirely clear.
1.15.3 will be released during June, most fixes planned for that release are either in or being reviewed.
Freeipa 4.5.2 depends on a feature not available in 1.15.2, which feels a bit backwards as it's a point-release which I think should not depend on a not-yet-released features..
You are right and I didn't realize that there was this dependency.
The current status of 1.15.3 release is that we need to fix: https://pagure.io/SSSD/sssd/issue/3441 - secondary group membership resolution of AD user fails if user information from other trusted domain is fetched first - this is a regression I would really not like to see in a release
Currently the 1.15.3 milestone also contains https://pagure.io/SSSD/sssd/issue/3420 which is quite important but I wouldn't hold the release over this bug and https://pagure.io/SSSD/sssd/issue/3406 which is also a regression, but at the same time a bit of a corner case, so I'd be personally fine with moving this to 1.15.4..
On Mon, 2017-07-10 at 16:04 +0200, Jakub Hrozek wrote:
On Tue, Jul 04, 2017 at 12:38:46AM +0300, Timo Aaltonen wrote:
On 31.05.2017 10:53, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Sorry, I agree our roadmap is not entirely clear.
1.15.3 will be released during June, most fixes planned for that release are either in or being reviewed.
Freeipa 4.5.2 depends on a feature not available in 1.15.2, which feels a bit backwards as it's a point-release which I think should not depend on a not-yet-released features..
You are right and I didn't realize that there was this dependency.
The current status of 1.15.3 release is that we need to fix: https://pagure.io/SSSD/sssd/issue/3441 - secondary group membership resolution of AD user fails if user information from other trusted domain is fetched first - this is a regression I would really not like to see in a release
Currently the 1.15.3 milestone also contains https://pagure.io/SSSD/sssd/issue/3420 which is quite important but I wouldn't hold the release over this bug and https://pagure.io/SSSD/sssd/issue/3406 which is also a regression, but at the same time a bit of a corner case, so I'd be personally fine with moving this to 1.15.4..
Not a corner case here, every suspend over night causes it.
The fix is so simple I am surprised you haven't done it yet, just revert the KRB5KRB_AP_ERR_TKT_EXPIRED part of the offending commit. That part was not not needed anyway as far as I can tell.
On (10/07/17 14:49), Joakim Tjernlund wrote:
On Mon, 2017-07-10 at 16:04 +0200, Jakub Hrozek wrote:
On Tue, Jul 04, 2017 at 12:38:46AM +0300, Timo Aaltonen wrote:
On 31.05.2017 10:53, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Sorry, I agree our roadmap is not entirely clear.
1.15.3 will be released during June, most fixes planned for that release are either in or being reviewed.
Freeipa 4.5.2 depends on a feature not available in 1.15.2, which feels a bit backwards as it's a point-release which I think should not depend on a not-yet-released features..
You are right and I didn't realize that there was this dependency.
The current status of 1.15.3 release is that we need to fix: https://pagure.io/SSSD/sssd/issue/3441 - secondary group membership resolution of AD user fails if user information from other trusted domain is fetched first - this is a regression I would really not like to see in a release
Currently the 1.15.3 milestone also contains https://pagure.io/SSSD/sssd/issue/3420 which is quite important but I wouldn't hold the release over this bug and https://pagure.io/SSSD/sssd/issue/3406 which is also a regression, but at the same time a bit of a corner case, so I'd be personally fine with moving this to 1.15.4..
Not a corner case here, every suspend over night causes it.
The fix is so simple I am surprised you haven't done it yet, just revert the KRB5KRB_AP_ERR_TKT_EXPIRED part of the offending commit. That part was not not needed anyway as far as I can tell.
Reverting changes in krb5_child is not the simples thing. It can break many cases in sssd (OTP, migration, certificates ...) I do not want to say that it would be the same with commit d3348f49260998880bb7cd3b2fb72d562b1b7a64 But it requires proper review and testing.
Feel free to provide a test + revert patch. It's open source world.
LS
On (10/07/17 16:04), Jakub Hrozek wrote:
On Tue, Jul 04, 2017 at 12:38:46AM +0300, Timo Aaltonen wrote:
On 31.05.2017 10:53, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Sorry, I agree our roadmap is not entirely clear.
1.15.3 will be released during June, most fixes planned for that release are either in or being reviewed.
Freeipa 4.5.2 depends on a feature not available in 1.15.2, which feels a bit backwards as it's a point-release which I think should not depend on a not-yet-released features..
You are right and I didn't realize that there was this dependency.
The current status of 1.15.3 release is that we need to fix: https://pagure.io/SSSD/sssd/issue/3441 - secondary group membership resolution of AD user fails if user information from other trusted domain is fetched first - this is a regression I would really not like to see in a release
Currently the 1.15.3 milestone also contains https://pagure.io/SSSD/sssd/issue/3420 which is quite important but I wouldn't hold the release over this bug and https://pagure.io/SSSD/sssd/issue/3406 which is also a regression, but at the same time a bit of a corner case, so I'd be personally fine with moving this to 1.15.4..
IMHO, https://pagure.io/SSSD/sssd/issue/3448 has higher priority then #3406 which is also in 1.14.2.
LS
On Mon, Jul 10, 2017 at 11:13:05PM +0200, Lukas Slebodnik wrote:
On (10/07/17 16:04), Jakub Hrozek wrote:
On Tue, Jul 04, 2017 at 12:38:46AM +0300, Timo Aaltonen wrote:
On 31.05.2017 10:53, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Sorry, I agree our roadmap is not entirely clear.
1.15.3 will be released during June, most fixes planned for that release are either in or being reviewed.
Freeipa 4.5.2 depends on a feature not available in 1.15.2, which feels a bit backwards as it's a point-release which I think should not depend on a not-yet-released features..
You are right and I didn't realize that there was this dependency.
The current status of 1.15.3 release is that we need to fix: https://pagure.io/SSSD/sssd/issue/3441 - secondary group membership resolution of AD user fails if user information from other trusted domain is fetched first - this is a regression I would really not like to see in a release
Currently the 1.15.3 milestone also contains https://pagure.io/SSSD/sssd/issue/3420 which is quite important but I wouldn't hold the release over this bug and https://pagure.io/SSSD/sssd/issue/3406 which is also a regression, but at the same time a bit of a corner case, so I'd be personally fine with moving this to 1.15.4..
IMHO, https://pagure.io/SSSD/sssd/issue/3448 has higher priority then #3406 which is also in 1.14.2.
Yes, sorry, I was looking at the downstream bug before my vacation, but forgot to clone it. I've also put #3448 to 1.15.3, this really needs to be fixed.
On (31/05/17 08:19), Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
Version is immediately increased in git to simplify life for developers. 1.15.3 is still a devel version and not official.
BTW 1.15.2 is in copr for some time https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-15/
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Which fix do you mean? I usually try to have the same version in copr as it is in fedora. and I am not aware of any complains for 1.15.2 in fedora :-) Feel free to open bug in fedora and I can fix it there + backport patch(es) to copr.
LS
On Wed, May 31, 2017 at 10:09:26AM +0200, Lukas Slebodnik wrote:
On (31/05/17 08:19), Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
Version is immediately increased in git to simplify life for developers. 1.15.3 is still a devel version and not official.
BTW 1.15.2 is in copr for some time https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-15/
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Which fix do you mean?
I suspect it's #3382 -- this bug hit quite a few people, do you think it's a good idea to regenerate the copr with 1.15.2 and this fix?
on the other hand, 1.15.3 is not far away (promise :-))
I usually try to have the same version in copr as it is in fedora. and I am not aware of any complains for 1.15.2 in fedora :-) Feel free to open bug in fedora and I can fix it there + backport patch(es) to copr.
LS _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org
On 31 May 2017 at 18:54, Jakub Hrozek jhrozek@redhat.com wrote:
On Wed, May 31, 2017 at 10:09:26AM +0200, Lukas Slebodnik wrote:
On (31/05/17 08:19), Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1b
b8187b8337?branch=master
)
Version is immediately increased in git to simplify life for developers. 1.15.3 is still a devel version and not official.
BTW 1.15.2 is in copr for some time https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-15/
This is purely selfish - I love all that you do, and I'm aware that
there
has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Which fix do you mean?
I suspect it's #3382 -- this bug hit quite a few people, do you think it's a good idea to regenerate the copr with 1.15.2 and this fix?
on the other hand, 1.15.3 is not far away (promise :-))
Yes it is that one :)
Happy to wait, just need to be able to plan for the change.
Any idea if there will be an IPA point release around the same time?
cheers L.
------ "Mission Statement: To provide hope and inspiration for collective action, to build collective power, to achieve collective transformation, rooted in grief and rage but pointed towards vision and dreams."
- Patrisse Cullors, *Black Lives Matter founder*
On (31/05/17 19:04), Lachlan Musicman wrote:
On 31 May 2017 at 18:54, Jakub Hrozek jhrozek@redhat.com wrote:
On Wed, May 31, 2017 at 10:09:26AM +0200, Lukas Slebodnik wrote:
On (31/05/17 08:19), Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1b
b8187b8337?branch=master
)
Version is immediately increased in git to simplify life for developers. 1.15.3 is still a devel version and not official.
BTW 1.15.2 is in copr for some time https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-15/
This is purely selfish - I love all that you do, and I'm aware that
there
has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Which fix do you mean?
I suspect it's #3382 -- this bug hit quite a few people, do you think it's a good idea to regenerate the copr with 1.15.2 and this fix?
on the other hand, 1.15.3 is not far away (promise :-))
Yes it is that one :)
Happy to wait, just need to be able to plan for the change.
Fixed in sssd-1.15.2-5 (copr-1.15) in will be in updates testing for fedora in few days.
Happy testing :-)
LS
On Wed, 2017-05-31 at 10:54 +0200, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 10:09:26AM +0200, Lukas Slebodnik wrote:
On (31/05/17 08:19), Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
Version is immediately increased in git to simplify life for developers. 1.15.3 is still a devel version and not official.
BTW 1.15.2 is in copr for some time https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-15/
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Which fix do you mean?
I suspect it's #3382 -- this bug hit quite a few people, do you think it's a good idea to regenerate the copr with 1.15.2 and this fix?
on the other hand, 1.15.3 is not far away (promise :-))
Could you deal with(Quoting earlier mail below) before 1.15.3 too? Fix could be as simple as reverting just KRB5KRB_AP_ERR_TKT_EXPIRED, works fine here.
Jocke
We map expired ticket(KRB5KRB_AP_ERR_TKT_EXPIRED) to network error (ERR_NETWORK_IO) since 1.14.2 https://pagure.io/SSSD/sssd/issue/3174 https://pagure.io/SSSD/sssd/c/d3348f49260998880bb7cd3b2fb72d562b1b7a64 It might be a reasonable with first kinit. Because new ticket should be valid. But we should treat it differently for renewing ticket.
Ahh, nice. I wonder though if there could be a short wait for the network to come on? Usually the unlock window is presented shortly before network is on so when fast unlock sssd will be offline and no new ticket which causes some grief for users.
Thank you very much for bug report. And sorry that it took me so long to find a bug.
NP, glad you found something. Please send patch my way, I will test it directly.
ATM I do not have a higher priority tasks. And I am not sure when someone from developers will have a time to fix it.
The fastest workaround should be to revert the patch d3348f49260998880bb7cd3b2fb72d562b1b7a64.
LS
On (31/05/17 12:45), Joakim Tjernlund wrote:
On Wed, 2017-05-31 at 10:54 +0200, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 10:09:26AM +0200, Lukas Slebodnik wrote:
On (31/05/17 08:19), Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
Version is immediately increased in git to simplify life for developers. 1.15.3 is still a devel version and not official.
BTW 1.15.2 is in copr for some time https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-15/
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Which fix do you mean?
I suspect it's #3382 -- this bug hit quite a few people, do you think it's a good idea to regenerate the copr with 1.15.2 and this fix?
on the other hand, 1.15.3 is not far away (promise :-))
Could you deal with(Quoting earlier mail below) before 1.15.3 too? Fix could be as simple as reverting just KRB5KRB_AP_ERR_TKT_EXPIRED, works fine here.
Reverting fix your use-case. But it will break https://pagure.io/SSSD/sssd/issue/3174
I am not sure whether I mentioned it in different thread but this bug is tracked in https://pagure.io/SSSD/sssd/issue/3406
LS
On Wed, 2017-05-31 at 15:41 +0200, Lukas Slebodnik wrote:
On (31/05/17 12:45), Joakim Tjernlund wrote:
On Wed, 2017-05-31 at 10:54 +0200, Jakub Hrozek wrote:
On Wed, May 31, 2017 at 10:09:26AM +0200, Lukas Slebodnik wrote:
On (31/05/17 08:19), Lachlan Musicman wrote:
Hi all,
I noticed a while ago that 1.15.3 was versioned in the repo but I've not seen anything released? I'm mostly looking on the COPR ( https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branc... )
Version is immediately increased in git to simplify life for developers. 1.15.3 is still a devel version and not official.
BTW 1.15.2 is in copr for some time https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-15/
This is purely selfish - I love all that you do, and I'm aware that there has been some fairly comprehensive infrastructural change.
I'm just waiting on that one fix and have no roadmap visibility :)
Which fix do you mean?
I suspect it's #3382 -- this bug hit quite a few people, do you think it's a good idea to regenerate the copr with 1.15.2 and this fix?
on the other hand, 1.15.3 is not far away (promise :-))
Could you deal with(Quoting earlier mail below) before 1.15.3 too? Fix could be as simple as reverting just KRB5KRB_AP_ERR_TKT_EXPIRED, works fine here.
Reverting fix your use-case. But it will break https://pagure.io/SSSD/sssd/issue/3174
no, that is not how I read that issue, his problem was time skew and related to KRB5KRB_AP_ERR_TKT_NYV and would never had happened if the clock was correct to begin with.
KRB5KRB_AP_ERR_TKT_EXPIRED was thrown in for good measure. So reverting KRB5KRB_AP_ERR_TKT_EXPIRED is the correct fix for both I think.
I am not sure whether I mentioned it in different thread but this bug is tracked in https://pagure.io/SSSD/sssd/issue/3406
OK, thanks.
sssd-users@lists.fedorahosted.org
-
Jakub Hrozek -
Joakim Tjernlund -
Lachlan Musicman -
Lukas Slebodnik -
Timo Aaltonen